<?php //$Id: change_password_form.php,v 1.11.2.1 2007/11/23 22:12:35 skodak Exp $

require_once $CFG->libdir.'/formslib.php';

class login_change_password_form extends moodleform {

	function definition() {
		global $USER;

		$mform =& $this->_form;

		$mform->addElement('header', '', get_string('changepassword'), '');

		// visible elements
		$mform->addElement('static', 'username', get_string('username'), $USER->username);

		$mform->addElement('password', 'password', get_string('oldpassword'));
		$mform->addRule('password', get_string('required'), 'required', null, 'client');
		$mform->setType('password', PARAM_RAW);

		$mform->addElement('password', 'newpassword1', get_string('newpassword'));
		$mform->addRule('newpassword1', get_string('required'), 'required', null, 'client');
		$mform->setType('newpassword1', PARAM_RAW);

		$mform->addElement('password', 'newpassword2', get_string('newpassword').' ('.get_String('again').')');
		$mform->addRule('newpassword2', get_string('required'), 'required', null, 'client');
		$mform->setType('newpassword2', PARAM_RAW);


		// hidden optional params
		$mform->addElement('hidden', 'id', 0);
		$mform->setType('id', PARAM_INT);

		// buttons
		if (get_user_preferences('auth_forcepasswordchange')) {
			$this->add_action_buttons(false);
		} else {
			$this->add_action_buttons(true);
		}
	}

/// perform extra password change validation
	function validation($data, $files) {
		global $USER;
		$errors = parent::validation($data, $files);

		update_login_count();

		// ignore submitted username
		if (!$user = authenticate_user_login($USER->username, $data['password'])) {
			$errors['password'] = get_string('invalidlogin');
			return $errors;
		}

		reset_login_count();

		if ($data['newpassword1'] <> $data['newpassword2']) {
			$errors['newpassword1'] = get_string('passwordsdiffer');
			$errors['newpassword2'] = get_string('passwordsdiffer');
			return $errors;
		}

		if ($data['password'] == $data['newpassword1']){
			$errors['newpassword1'] = get_string('mustchangepassword');
			$errors['newpassword2'] = get_string('mustchangepassword');
			return $errors;
		}

		$errmsg = '';//prevents eclipse warnings
		if (!check_password_policy($data['newpassword1'], $errmsg)) {
			$errors['newpassword1'] = $errmsg;
			$errors['newpassword2'] = $errmsg;
			return $errors;
		}

		return $errors;
	}
}
?>
